# kra33at-cc.top — SUSPICIOUS

> kra33at-cc.top is a cryptocurrency drainer domain with a 1/95 VirusTotal detection score. Check the full report.

## Summary
PhishDestroy identifies kra33at-cc.top as an active cryptocurrency drainer phishing domain impersonating a legitimate brand. This domain, registered on May 30, 2025, is designed to deceive users by mimicking a trusted service, likely targeting cryptocurrency holders to siphon funds through fraudulent transactions. The threat type is classified as a generic phishing campaign with elevated risk, leveraging social engineering to exploit user trust in crypto platforms.  

This domain was flagged by VirusTotal with a 1/95 security vendor detection score, indicating minimal initial recognition by antivirus engines as of the latest scan. It resolves to the IP address 91.236.116.165 and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. The domain remains unlisted on Google Safe Browsing (GSB) and has not yet accumulated significant entries on major blocklists, suggesting it is still in an early deployment phase. Its recent creation date and low detection rate imply an actively evolving threat with potential for rapid expansion.  

As of the latest assessment, kra33at-cc.top remains active, posing an elevated risk to unaware users. Immediate actions include blocking the domain at the network level and updating browser-based security tools to prevent access. While current blocklist coverage is limited, proactive monitoring and user education about cryptocurrency drainer tactics are critical to mitigating exposure. The remaining risk is elevated due to the domain’s active status and the inherent difficulty in detecting new, low-signature phishing infrastructures like this one.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Page title: kra33at-cc.top

## Domain Intelligence
- Registered: 2025-05-30 11:22:47
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 91.236.116.165

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/41edac2c-0975-4737-8aa8-474adc6b3f65
- PhishDestroy: https://phishdestroy.io/domain/kra33at-cc.top/
- LLM endpoint: https://phishdestroy.io/domain/kra33at-cc.top/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kra33at-cc.top/
Last updated: 2026-03-28